package com.gzhryc.shared_device.oem.h5.agent.controllers;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.gzhryc.common.logging.Logger;
import com.gzhryc.common.xml.XmlTools;
import com.gzhryc.servlet.WebUtils;
import com.gzhryc.servlet.annotation.Route;
import com.gzhryc.weixin.api.event.WxEventReceiveService;
import com.gzhryc.weixin.api.event.msg.resp.EmptyEventResponse;

public class WeixinEventController {
	
	static Logger log = Logger.getLogger(WeixinEventController.class);

	@Route(value = "/wx_event/{projectId}", method = "get")
	public void getEvent(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
		try {
			String signature = WebUtils.getString(request, "signature");
			String timestamp = WebUtils.getString(request, "timestamp");
			String nonce = WebUtils.getString(request, "nonce");
			String echostr = WebUtils.getString(request, "echostr");
			log.info("微信认证，signature = " + signature + "，timestamp = " + timestamp + "，nonce = " + nonce + "，echostr = " + echostr);
			if (SignUtil.checkSignature(signature, timestamp, nonce)) {
				WebUtils.exportText(response, echostr);
            } 
		} catch (Exception e) {
			log.error(e.getMessage(),e);
		}
		WebUtils.exportText(response, "");
	}

	@Route(value = "/wx_event/{projectId}", method = "POST")
	public void postEvent(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
		try {
			Long projectId = WebUtils.getLong(request, "projectId");
			Map<String, Object> data = new HashMap<String, Object>();
			data.put("projectId", projectId);
			Object obj = WxEventReceiveService.receive(request.getInputStream(), data);
			if (obj != null) {
				String xml = XmlTools.changToXmlStr(obj, false);
				log.info("返回微信消息："+xml);
				WebUtils.exportXML(response, xml);
				return;
			}
		} catch (IOException e) {
			log.error(e.getMessage(),e);
		}
		WebUtils.exportXML(response, XmlTools.changToXmlStr(new EmptyEventResponse(), false));
	}

	public static class SignUtil {
		// 与接口配置信息中的 Token 要一致
		private static String token = "XHB";

		/**
		 * 验证签名
		 * 
		 * @param signature
		 * @param timestamp
		 * @param nonce
		 * @return
		 */
		public static boolean checkSignature(String signature, String timestamp, String nonce) {
			String[] arr = new String[] { token, timestamp, nonce };
			// 将 token、timestamp、nonce 三个参数进行字典序排序
			Arrays.sort(arr);
			StringBuilder content = new StringBuilder();
			for (int i = 0; i < arr.length; i++) {
				content.append(arr[i]);
			}
			MessageDigest md = null;
			String tmpStr = null;

			try {
				md = MessageDigest.getInstance("SHA-1");
				// 将三个参数字符串拼接成一个字符串进行 sha1 加密
				byte[] digest = md.digest(content.toString().getBytes());
				tmpStr = byteToStr(digest);
			} catch (NoSuchAlgorithmException e) {
				log.error(e.getMessage(),e);
			}

			content = null;
			// 将 sha1 加密后的字符串可与 signature 对比，标识该请求来源于微信
			return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false;
		}

		/**
		 * 将字节数组转换为十六进制字符串
		 * 
		 * @param byteArray
		 * @return
		 */
		private static String byteToStr(byte[] byteArray) {
			String strDigest = "";
			for (int i = 0; i < byteArray.length; i++) {
				strDigest += byteToHexStr(byteArray[i]);
			}
			return strDigest;
		}

		/**
		 * 将字节转换为十六进制字符串
		 * 
		 * @param mByte
		 * @return
		 */
		private static String byteToHexStr(byte mByte) {
			char[] Digit = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
			char[] tempArr = new char[2];
			tempArr[0] = Digit[(mByte >>> 4) & 0X0F];
			tempArr[1] = Digit[mByte & 0X0F];
			String s = new String(tempArr);
			return s;
		}
	}
}
